Improvements to the Plugins and Themes Guard

But there was one scenario it didn’t handle as gracefully as we’d like.

The scanner ignored the case where the plugin/theme was entirely removed (or the folder was renamed). It’s obviously a serious event on a site when an active plugin “disappears” so we needed to account for it.

The Guard will now clearly warn you of the problem that a plugin appears to be missing (see screenshot).

As well as this, a couple of smaller bugs with the scanner have been fixed in this release.

Other Shield Improvements

We made the following improvements/fixes to the Shield plugin in this release:

When a request is sent to the WordPress XML-RPC system and you’ve disabled it within Shield, it’ll now trigger the IP Blacklist transgressions counter.

When automatically blacklisting an IP address, Shield will try to determine the server’s public IP address and not trigger a blacklist transgression. This is useful for site/server configurations that aren’t configured correctly for visitor IP detection.

Added support for the use of the WooCommerce Social Login plugin – 2 Factor Authentication will be ignore if the user logs in using this plugin.

Fixed: The Audit Trail automatically cleaning wasn’t working correctly for all sites.

Coming in Shield version 6.6+

We’re bringing some great new features in the next couple of versions.

These will include:

White Labelling for the entire Shield Security plugin – you can brand the security plugin exactly how you’d like it.

Password policies – you’ll be able to set minimum length, strength and password auto-expiration.

As always, if you have feedback on any of this, or suggestions for improvements and features, please let us know in the comments below.